Systems and methods for securely booting a computer with a trusted processing module
First Claim
1. A computer readable storage medium bearing instructions for a secure boot process on a computer with a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer readable medium comprising:
instructions for submitting at least one value to the HSM, wherein if said at least one value is correct, the HSM releases a first secret;
instructions for retrieving the first secret;
instructions for decrypting data using information that is accessible due to retrieving of the first secret, wherein the execution of said instructions for decrypting produces decrypted data;
instructions for at least a portion of a computer boot process, wherein said computer boot process cannot complete a normal boot without said decrypted data; and
instructions for submitting at least one replacement value to the HSM to replace the at least one value, wherein said at least one replacement value revokes access to said first secret and, if said replacement value is correct, the HSM releases a second secret required to continue the normal boot.
2 Assignments
0 Petitions
Abstract
In a computer with a trusted platform module (TPM), an expected hash value of a boot component may be placed into a platform configuration register (PCR), which allows the TPM to unseal a secret. The secret may then be used to decrypt the boot component. The hash of the decrypted boot component may then be calculated and the result placed in a PCR. The PCRs may then be compared. If they do not match, access to a secret that is important for system operation can be revoked. Also, a first secret may be accessible only when a first plurality of PCR values are extant, while a second secret is accessible only after one or more of the first plurality of PCR values has been replaced with a new value, thereby necessarily revoking further access to the first secret in order to grant access to the second secret.
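The sequence the abstract and claim 1 describe (expected hash into a PCR, unseal the first secret, decrypt and measure the boot component, compare PCRs, then extend the PCR with a replacement value so the first secret is revoked and the second released) can be run end to end against a toy TPM. The following is an added example and is not code from the patent or any TPM vendor: `ToyTPM`, its extend rule `H(old || H(value))`, the handle names `boot-key` and `os-key`, the stage and revocation markers, the XOR keystream "cipher" and the sample boot component are all constructed for illustration; the keystream cipher is not secure and stands in for whatever the real boot code would use.

```python
"""Toy model of the PCR-gated, two-secret boot in the abstract and claim 1.
Added example, not code from the patent. PCRs can only be extended; secrets are
sealed to an expected PCR state. The XOR keystream cipher is illustrative only."""
import hashlib
import hmac
import os

PCR_ZERO = b"\x00" * 32
STAGE_MARKER = b"stage1-complete"        # the "replacement value" of claim 1 (assumed name)
REVOKE_MARKER = b"measurement-mismatch"  # poisons PCR 0 after a bad measurement (assumed name)


def sha256(data):
    return hashlib.sha256(data).digest()


def extend_digest(old, value):
    """PCR extend rule used by this model: new = H(old || H(value)). Append-only."""
    return sha256(old + sha256(value))


def xor_stream(key, data):
    """Toy stream cipher (SHA-256 counter keystream); the same call encrypts and decrypts."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        keystream = sha256(key + block.to_bytes(4, "big"))
        out.extend(a ^ b for a, b in zip(data[block * 32:(block + 1) * 32], keystream))
    return bytes(out)


class ToyTPM:
    """HSM of the claims: records expected values, compares, releases a secret on match."""

    def __init__(self, num_pcrs=4):
        self.pcrs = [PCR_ZERO] * num_pcrs
        self._sealed = {}  # handle -> (pcr selection, recorded policy digest, secret)

    def extend(self, index, value):
        self.pcrs[index] = extend_digest(self.pcrs[index], value)

    def policy_digest(self, selection, pcrs=None):
        pcrs = self.pcrs if pcrs is None else pcrs
        return sha256(b"".join(pcrs[i] for i in selection))

    def seal(self, handle, secret, selection, expected_pcrs):
        # Sealed at provisioning to a PCR state computed offline, not the TPM's current state.
        self._sealed[handle] = (tuple(selection), self.policy_digest(selection, expected_pcrs), secret)

    def unseal(self, handle):
        selection, recorded, secret = self._sealed[handle]
        if not hmac.compare_digest(recorded, self.policy_digest(selection)):
            raise PermissionError(f"PCR state does not satisfy policy for {handle!r}")
        return secret


def provision(tpm, boot_component):
    """Seal the boot-component key to the stage-1 PCR state and the OS key to stage 2."""
    expected_hash = sha256(boot_component)
    boot_key, os_key = os.urandom(32), os.urandom(32)
    pcr0_stage1 = extend_digest(PCR_ZERO, expected_hash)    # PCR 0 after the expected hash is submitted
    pcr0_stage2 = extend_digest(pcr0_stage1, STAGE_MARKER)  # PCR 0 after the replacement value
    pcr1_stage2 = extend_digest(PCR_ZERO, expected_hash)    # PCR 1 after measuring the decrypted component
    tpm.seal("boot-key", boot_key, (0,), [pcr0_stage1, PCR_ZERO])
    tpm.seal("os-key", os_key, (0, 1), [pcr0_stage2, pcr1_stage2])
    return {"expected_hash": expected_hash, "encrypted_component": xor_stream(boot_key, boot_component)}


def boot(tpm, expected_hash, encrypted_component):
    """Stage 1 of the boot: the submit / unseal / decrypt / measure / replace sequence of claim 1."""
    tpm.extend(0, expected_hash)                       # submit the expected value
    boot_key = tpm.unseal("boot-key")                  # first secret is released
    component = xor_stream(boot_key, encrypted_component)
    del boot_key                                       # claim 13: remove the first secret from memory
    tpm.extend(1, sha256(component))                   # record what was really decrypted
    if not hmac.compare_digest(tpm.pcrs[0], tpm.pcrs[1]):   # "the PCRs may then be compared"
        tpm.extend(0, REVOKE_MARKER)                   # mismatch: both secrets become unreachable
        return {"ok": False, "component": None, "os_key": None}
    tpm.extend(0, STAGE_MARKER)                        # replacement value: boot-key is now revoked
    return {"ok": True, "component": component, "os_key": tpm.unseal("os-key")}


def can_unseal(tpm, handle):
    try:
        tpm.unseal(handle)
        return True
    except PermissionError:
        return False


def run_boot(tamper=False):
    """Provision and boot a constructed sample component; optionally flip one ciphertext bit."""
    tpm = ToyTPM()
    component = b"bootmgr v1: load kernel image, verify signature, jump"  # constructed sample
    manifest = provision(tpm, component)
    enc = bytearray(manifest["encrypted_component"])
    if tamper:
        enc[-1] ^= 0x01
    result = boot(tpm, manifest["expected_hash"], bytes(enc))
    result["component_intact"] = result["component"] == component
    result["first_secret_available"] = can_unseal(tpm, "boot-key")
    result["second_secret_available"] = can_unseal(tpm, "os-key")
    return result


if __name__ == "__main__":
    for tamper in (False, True):
        r = run_boot(tamper)
        print(f"tamper={tamper}: ok={r['ok']} first_secret={r['first_secret_available']} "
              f"second_secret={r['second_secret_available']}")
```

The point the model makes concrete is in `provision`: the OS key is sealed to a PCR 0 value that can only exist after `STAGE_MARKER` has been extended on top of the stage-1 value, so reaching the second secret necessarily destroys the policy for the first one, exactly as the abstract's last sentence requires. A tampered component fails the PCR comparison and the revocation extend leaves neither secret reachable; a real implementation would also have to scrub the decrypted key material from RAM, which `del` only approximates here.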
20 Claims
1. A computer readable storage medium bearing instructions for a secure boot process on a computer with a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer readable medium comprising:
instructions for submitting at least one value to the HSM, wherein if said at least one value is correct, the HSM releases a first secret;
instructions for retrieving the first secret;
instructions for decrypting data using information that is accessible due to retrieving of the first secret, wherein the execution of said instructions for decrypting produces decrypted data;
instructions for at least a portion of a computer boot process, wherein said computer boot process cannot complete a normal boot without said decrypted data; and
instructions for submitting at least one replacement value to the HSM to replace the at least one value, wherein said at least one replacement value revokes access to said first secret and, if said replacement value is correct, the HSM releases a second secret required to continue the normal boot.
View Dependent Claims (2, 3, 4, 5, 6)
7. A computer comprising a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer also comprising:
means for submitting at least one value to the HSM, wherein if said at least one value is correct, the HSM releases a first secret;
means for retrieving the first secret;
means for decrypting data using information that is accessible due to retrieving of the first secret, wherein the operation of said means for decrypting produces decrypted data;
means comprising at least a portion of a computer boot process, wherein said computer boot process cannot complete a normal boot without said decrypted data; and
means for submitting at least one replacement value to the HSM to replace the at least one value, wherein said at least one replacement value revokes access to said first secret and, if said replacement value is correct, the HSM releases a second secret required to continue the normal boot.
View Dependent Claims (8, 9, 10, 11, 12)
13. A computer readable storage medium bearing instructions for a secure boot process on a computer with a plurality of partitions and a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer readable medium comprising:
instructions for submitting at least one value to the HSM, wherein if said at least one value is correct, the HSM releases a first secret;
instructions for retrieving the first secret;
instructions for removing the first secret from a memory location; and
instructions for submitting at least one second value to the HSM, wherein if said second value is correct, the HSM releases a second secret and not the first secret.
View Dependent Claims (14, 15, 16, 17, 18, 19, 20)